From e385d33a296bd9cfbb2fbb97a31420dfe6017ef1 Mon Sep 17 00:00:00 2001
From: dan <dan@noemail.net>
Date: Wed, 6 Feb 2019 20:49:49 +0000
Subject: [PATCH] Ensure all bytes of the PgHdr1 structure are initialized.
 This avoids a valgrind error when running corruptI.test.

FossilOrigin-Name: a505e34d4ec31159a4508ec827fcffed0cf3bd5ea5ef0ac293016da02367a53a
---
 manifest      | 12 ++++++------
 manifest.uuid |  2 +-
 src/pcache1.c | 15 +++++++++++++--
 3 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/manifest b/manifest
index 7301a2623f..c5d0ffd6b5 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Update\san\sassert()\sin\stest_journal.c\sto\stake\sthe\snew\s"VACUUM\sINTO"\sfunctionality\sinto\saccount.
-D 2019-02-06T20:12:00.950
+C Ensure\sall\sbytes\sof\sthe\sPgHdr1\sstructure\sare\sinitialized.\sThis\savoids\sa\svalgrind\serror\swhen\srunning\scorruptI.test.
+D 2019-02-06T20:49:49.545
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F Makefile.in 178d8eb6840771149cee40b322d1b3be30d330198c522c903c1b66fb5a1bfca4
@@ -506,7 +506,7 @@ F src/pager.h 217921e81eb5fe455caa5cda96061959706bcdd29ddb57166198645ef7822ac3
 F src/parse.y 741a270b7f2f85bc5d026d06fb5a9ccba5335304ff2831e1cb44b36cd0da6006
 F src/pcache.c 696a01f1a6370c1b50a09c15972bc3bee3333f8fcd1f2da8e9a76b1b062c59ee
 F src/pcache.h 4f87acd914cef5016fae3030343540d75f5b85a1877eed1a2a19b9f284248586
-F src/pcache1.c fffd5250a323579384a3b3904302b9fe87e186ba24602af3013f749a0234ae98
+F src/pcache1.c a72804486dfa8e4b6bc30d666c97ecf1155f91a4351fc6e48ea4097e4eb304fb
 F src/pragma.c af67dedaad8bafe9a5f9adcec32a0da6dd118617dd8220ad1d118f5a6bf83a02
 F src/pragma.h a776bb9c915207e9d1117b5754743ddf1bf6a39cc092a4a44e74e6cb5fab1177
 F src/prepare.c 78027c6231fbb19ca186a5f5f0c0a1375d9c2cec0655273f9bd90d9ff74a34b3
@@ -1804,7 +1804,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 9d54a63d6e3cd47b483cf0ee868a5e7f638bcb0e3cbdeaecc667f293b87a3e99
-R 8c85950d3cd30dc89de951d666875053
+P 0e6249cb958a40ead0edf6e75a2c46e8657db3d358c5fe78a9dc0fa5ed7ad929
+R ae802dacb8527f87f376ccfd3e8e8a19
 U dan
-Z a7b437b21243f686db6fff4b720de94a
+Z afd2fa2b6e156ba28cf67431d1126efa
diff --git a/manifest.uuid b/manifest.uuid
index f296734b9c..acc0ea617a 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-0e6249cb958a40ead0edf6e75a2c46e8657db3d358c5fe78a9dc0fa5ed7ad929
\ No newline at end of file
+a505e34d4ec31159a4508ec827fcffed0cf3bd5ea5ef0ac293016da02367a53a
\ No newline at end of file
diff --git a/src/pcache1.c b/src/pcache1.c
index 72e81bb2b2..5f502d57ba 100644
--- a/src/pcache1.c
+++ b/src/pcache1.c
@@ -92,12 +92,22 @@ typedef struct PGroup PGroup;
 ** structure. Unless SQLITE_PCACHE_SEPARATE_HEADER is defined, a buffer of
 ** PgHdr1.pCache->szPage bytes is allocated directly before this structure 
 ** in memory.
+**
+** Note: Variables isBulkLocal and isAnchor were once type "u8". That works,
+** but causes a 2-byte gap in the structure for most architectures (since 
+** pointers must be either 4 or 8-byte aligned). As this structure is located
+** in memory directly after the associated page data, if the database is
+** corrupt, code at the b-tree layer may overread the page buffer and 
+** read part of this structure before the corruption is detected. This
+** can cause a valgrind error if the unitialized gap is accessed. Using u16
+** ensures there is no such gap, and therefore no bytes of unitialized memory
+** in the structure.
 */
 struct PgHdr1 {
   sqlite3_pcache_page page;      /* Base class. Must be first. pBuf & pExtra */
   unsigned int iKey;             /* Key value (page number) */
-  u8 isBulkLocal;                /* This page from bulk local storage */
-  u8 isAnchor;                   /* This is the PGroup.lru element */
+  u16 isBulkLocal;               /* This page from bulk local storage */
+  u16 isAnchor;                  /* This is the PGroup.lru element */
   PgHdr1 *pNext;                 /* Next in hash table chain */
   PCache1 *pCache;               /* Cache that currently owns this page */
   PgHdr1 *pLruNext;              /* Next in LRU list of unpinned pages */
@@ -303,6 +313,7 @@ static int pcache1InitBulk(PCache1 *pCache){
       pX->isBulkLocal = 1;
       pX->isAnchor = 0;
       pX->pNext = pCache->pFree;
+      pX->pLruPrev = 0;           /* Initializing this saves a valgrind error */
       pCache->pFree = pX;
       zBulk += pCache->szAlloc;
     }while( --nBulk );
-- 
2.47.2